Facebook spammer Sanford Wallace guilty of sending 27 million messages

Notorious spammer Sanford Wallace, aka the “Spam King,” found himself in a San Jose court this week as his long-running case concluded with a pair of guilty pleas.

In a press release issued Monday, the US State Attorney’s Office of the Northern District of California said the 47-year-old Las Vegas resident had pleaded guilty to charges of fraud and criminal contempt in connection with misusing electronic mail and related activity.

Wallace admitted sending over 27 million unsolicited messages through the Facebook accounts of around half a million users after he fraudulently obtained their login credentials. The messages were sent between November 2008 and March 2009.

The messages – designed to lure the unsuspecting to affiliate sites under his control – previously left him on the wrong end of a $711 million judgement handed out under the federal CAN-SPAM Act.

Wallace found himself banned from accessing Facebook’s computer networks after US District Judge Jeremy Fogel handed out orders on 2 March, 24 March and 18 September 2009.

Despite that, he “willfully and knowingly violated Judge Fogel’s order on April 17, 2009” – when he logged into his own account during a flight from Las Vegas to New York.

Paul Ducklin covers the case briefly in the video below:

→ Can’t view the video on this page? Watch directly from YouTube. Can’t hear the audio? Click on the Captions icon for closed captions.

Currently released on bond, Wallace is due back in a San Jose court on 7 December at which point US District Judge Edward J. Davila will have the option of jailing him for up to three years and fining him up to $250,000.

Given Wallace’s history – which includes a $4 million fine for infecting computers with spyware, a restraining order issued after it was alleged that his companies were selling the cure to the spyware he installed, and a judgement of $234 million handed out after he and his business partner were found to have stolen MySpace passwords before sending 700,000 junk emails – there are likely to be many out there who will be hoping he gets his comeuppance this time around.

Irrespective of what happens to the “Spam King,” the case does highlight how criminals are attracted to any area of the web in which they think they can make money.

Facebook’s massive audience makes it particularly attractive to spammers and other nefarious types, so to help you stay safe, here are 5 tips to beef up your security.

Also, consider the following to help protect against spam:

  • Install security software that can scan all of your incoming email, not only for junk, but malware too
  • Use disposable email addresses, especially for sites you will likely only visit once
  • Unsubscribe from unwanted newsletters and alerts
  • Be careful who you give your email address to and think carefully before publishing it on a public website that can be scraped by an email-harvesting bot
  • Ignore emails and Facebook messages from people you don’t recognise, and read messages carefully from friends – if it doesn’t sound like them, they could have had their account compromised
  • Think carefully before clicking any links found in emails, especially those sent by people or companies you are not familiar with – who knows where the links will take you or what might be installed on your computer when you get there
  • Mark spam as spam – this helps email clients and content management systems improve their algorithms to better detect junk mail in the future

And remember, never buy any goods or services advertised via unsolicited email – even if it isn’t a scam, at the very least you’ll be encouraging those who blasted the message out to continue their annoying business practices.

Image of Facebook message courtesy of dolphfyn / Shutterstock.com.

Leave a Reply